Personal
Information Protection and Electronic Documents Act
By Hilda
Lupul
Effective January 1, 2001, the above legislation became law across Canada. For purposes of this legislation, an organization includes an association, a partnership, a person, a limited company and a trade union. That includes landlords in their many forms. Personal information includes any factual or subjective information, recorded or not, about an identifiable individual. The information contained in a credit application and the credit report is subject to this Act.
It is an offence to:
-
Destroy personal information that an individual has requested
-
Retaliate against an employee who has complained to the Privacy Commissioner, or who refuses to contravene Sections 5 – 10 of the Act
-
Obstruct a complaint investigation or an audit by the Privacy Commissioner or his delegate
A person is liable to a fine of up to $10,000.00 on summary conviction or up to $100,000.00 for an indictable offence.
The new legislation sets out 10 principles to be met for compliance:
Accountability – An organization is responsible for personal information under its control.
Consent – The knowledge and consent of the individual are required for the collection, use or disclosure of personal information. Consent is voluntary agreement with what is being done/proposed. It is best to have written consent that can be kept on file.
Limiting Collections – The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization
Limiting Use, Disclosure and Retention – Personal Information shall not be used or disclosed for the purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for fulfillment of those purposes.
Accuracy – Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
Safeguards – Personal information collected shall be protected by security safeguards appropriate to the sensitivity of the information. Credit information should be kept in a secure, limited access filing cabinet.
Openness – An organization shall make readily available to individuals specific information about its policies relating to the management of personal information.
Individual Access – Upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Challenge Compliance – An individual shall be able to address a challenge concerning compliance with the above principles to the designated individuals or individuals for the organization’s compliance.
Note:
Forms sold by CAA office meet the
above criteria. Many other applications to rent do not. Please review your
paperwork.
Hilda Lupul is the Sales Manager for the Calgary Office of TransUnion Credit Services. Hilda advises that her office can provide you with suggested wording when obtaining the individual’s consent ---- contact us at: 1-800-801-3619 or 1-403-276-7808, Fax: 1-403-230-3835, or e-mail: hlupul@ncn.ca
